Technical Cyber Security Alert TA06-192A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, IIS, and Office. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

-
漏洞描述

A local overflow exists in Office, Project, Visio and Office for Mac. The applications fail to validate Office files that contain malformed strings related to record lengths resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

-
时间线

公开日期:
2006-07-11

发现日期:
Unknow

利用日期:Unknow

解决日期:2006-07-11

-
解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.